HackTheBox - Axlle

Name: HackTheBox - Axlle
Uploaded: 2024-11-16T15:02:26Z
Channel: IppSec
Description: 00:00 - Introduction 01:00 - Start of nmap 04:50 - Looking at what an XLL Is 06:50 - Finding a skeleton xll payload, then compiling it on Linux 12:20 - ...

IppSec · Beginner ·🔐 Cybersecurity ·1y ago

00:00 - Introduction 01:00 - Start of nmap 04:50 - Looking at what an XLL Is 06:50 - Finding a skeleton xll payload, then compiling it on Linux 12:20 - Shell returned, grabbing the NTLMv2 Hash of our user with responder 17:45 - Looking into hMailServer, discovering emails from other users. Hints at dropping URL Shortcuts in a directory 21:20 - Converting the XLL Payload to an exe, then uploading it to the box and creating a URL Shortcut and getting shell as Dallon.Matrix 25:40 - Using Powershell to search a directory for files containing password, discovering the Powershell ConsoleHost_History…

Watch on YouTube ↗ (saves to browser)

Chapters (13)

Introduction

1:00 Start of nmap

4:50 Looking at what an XLL Is

6:50 Finding a skeleton xll payload, then compiling it on Linux

12:20 Shell returned, grabbing the NTLMv2 Hash of our user with responder

17:45 Looking into hMailServer, discovering emails from other users. Hints at droppi

21:20 Converting the XLL Payload to an exe, then uploading it to the box and creatin

25:40 Using Powershell to search a directory for files containing password, discover

28:00 Using Bloodhound.Py to get bloodhound data

37:20 Discovering we can ForceChangePassword on other users

42:15 For some reason our Bloodhound Python Ingestor didn't get the WinRM Edge, runn

46:00 The users in App Dev can enter the "App Development" directory which has a pro

50:45 Creating the StandaloneRunner LOLBin and waiting for the scheduled task to ope

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →